Phishing Alert - GRC SPEAKERS AND DISCUSSION LEADERS ARE BEING TARGETED BY PHISHING ATTEMPTS DESIGNED TO COLLECT PAYMENT FOR REGISTRATION OR LODGING. CLICK HERE FOR MORE DETAILS

Privacy Policy

Privacy Policy

Last Updated: June 29, 2019

Introduction

The website www.grc.org and any other website or application on which we have posted a link to this page (the “Website”) is owned and operated by Gordon Research Conferences (“GRC,” “we,” “our,” or “us”), incorporated in the State of Rhode Island on 04/11/2007 with principal offices located at 5586 Post Rd G02, East Greenwich, RI 02818. This Privacy Policy applies to our collection, storage, use and dissemination of information gathered from online visitors to the Website or by any other means. By visiting the Website, you agree that your visit and any dispute over our privacy practices is governed by this Privacy Policy and our Terms and Conditions of Use.

This privacy policy applies to “Personally Identifiable Information” or “PII” which GRC collects, stores and uses in connection with your use of the Website. PII is information that can be used to identify you specifically.

If you are in the European Union, including the UK, then we may, as a result be subject to the “GDPR”, Regulation (EU) 2016/679 of the European Parliament and Council on the protection of natural persons with regard to the processing of personal data (General Data Protection Regulation), in relation to you. Where that is the case, we refer to you in this Policy as an “EU Individual” and as such this Policy provides you with the information required by GDPR. GRC is the data controller of your PII for GDPR purposes which is “personal data” as defined in GDPR.

BY PROVIDING INFORMATION TO GRC VIA THIS WEBSITE, YOU ARE DEEMED TO CONSENT TO THE COLLECTION, STORAGE, USE AND DISSEMINATION OF SUCH INFORMATION AS DESCRIBED IN THIS PRIVACY POLICY, SAVE WHERE YOU ARE AN EU INDIVIDUAL AND GDPR DOES NOT ENABLE US TO OBTAIN YOUR CONSENT IN THIS WAY.

If you are an EU Individual, you can contact us at: 5586 Post Rd G02, East Greenwich, RI 02818, or privacy@grc.org in relation to our processing of your PII or any other data protection or data privacy matters. For these purposes, processing means any operation, including collection, organization, storage, use, disclosure and erasure.

VeraSafe has been appointed as GRC's representative in the European Union for data protection matters, pursuant to Article 27 of the GDPR. VeraSafe can be contacted in addition to privacy@grc.org, only on matters related to the processing of personal data. To make such an inquiry, please contact VeraSafe using this contact form: https://www.verasafe.com/privacy-services/contact-article-27-representative

Alternatively, VeraSafe can be contacted at:

VeraSafe Czech Republic s.r.o
Klimentská 46
Prague 1, 11002
Czech Republic
VeraSafe Ireland Ltd.
Unit 3D North Point House
North Point Business Park
New Mallow Road
Cork T23AT2P
Ireland
VeraSafe Netherlands BV
Keizersgracht 555 
1017 DR Amsterdam 
Netherlands 

 

Information Collected by GRC and How it is Regularly Used and Shared

A. Why, When and What Personally Identifiable Information is Collected, Legal Basis

GRC collects information that individual visitors provide voluntarily. Some of this information is collected because it is useful in connection with GRC’s objectives, which include:

1. organizing scientific conferences;
2. providing an application and registration process for attendance at GRC conferences;
3. providing a forum for career networking and career advancement; and
4. supporting and encouraging young scientists as they establish initial scientific and personal contacts.

(For more information, feel free to read the GRC Mission Statement.)

If you are an EU Individual, these are the purposes for which we process your PII.

The PII which GRC collects and uses for these purposes typically includes your name, employer, physical address, email address, telephone number, fax number, picture, and education and work history. GRC does not store credit card data, it is processed by Payeezy, a First Data product. Click here to read their privacy policy.

GRC may collect and store PII in various places throughout the Website, including in connection with an application to attend a conference, or your services on a GRC board or committee (e.g., the Board of Trustees, the Finance Committee, the Conference Evaluation Committee), each as described in further detail below. PII may also be collected and stored if you provide it elsewhere in the course of a visit to the Website, such as while making a contribution to GRC, or in connection with a request for information from GRC.In addition to the uses described above, we may use your PII to:

  1. notify you of upcoming conferences, meetings and other events;
  2. contact you to respond to your questions and requests for information; and
  3. provide you with other information that we believe may be of interest to visitors to our website.
i. Conference Application and Admission Processes
If you apply to attend a conference, we will collect PII to facilitate that process. Such information may include your contact details, such as your name, employer, physical address, email address, telephone number and fax number. This is so that we can contact you and process your application. In addition, the PII requested may include your educational background and work history (including degrees received, positions held, awards and honors received) and publications in the relevant field. This is so that you can be considered for admission to the conference.

If your conference application is approved, you are expected to register and pay immediately to confirm your attendance and accommodations. To facilitate payment, GRC uses a third-party payment processor who collects your payment and billing information — e.g., your credit card number and billing address — who will use such information to process your payments.

If you are accepted to a conference, we will use your PII to:

1. process your registration and facilitate your attendance at the conferences;
2. process your payments related to conference attendance as aforesaid;
3. provide you with information regarding the conference, including scheduling and logistics; and
4. provide you with other information that we believe may be of interest to conference attendees.

With your consent, we also may share PII (other than payment information) of conference attendees with the other persons attending the same conference. The purpose of this is to enable conference attendees to contact each other prior to and after the conference, for networking purposes, in furtherance of one aspect of the GRC's mission.

ii. Service on a GRC Board or Committee, or as a Speaker

If you agree to serve on a GRC board or committee, to chair, vice chair or speak at a GRC conference, whether from the podium, as a poster presenter or otherwise, PII we collect may include your name, employer, physical address, email address, telephone number and fax number. We also usually request more detailed information regarding your educational and professional background, and we may also request a photograph.

We collect this information to make it available to conference applicants and attendees, and to those interested in learning more about GRC and the conferences it organizes.

Accordingly, if you agree to serve on a GRC board or committee, to chair, vice chair or speak at a GRC conference, whether from the podium, as a poster presenter or otherwise, we may post your PII on the relevant page of the Website, such as your name, employer, physical address, email address, telephone number and fax number, and your photograph if you have provided one. This is so that visitors to the Website, including conference applicants, attendees and speakers, and those interested generally in the GRC, can contact you with questions and requests for more information, and to provide feedback.

If you are an EU Individual, the legal basis on which we process your PII, depending on the purpose of the processing, as described above, is one of the following:

  • Performance of a contract – we will often we need to process your PII to perform a contract with have with you, such as a contract to attend a conference, or to take steps at your request prior to entering into a contract.
  • Legitimate interest - in many cases, the purposes we have described simply represent our legitimate business interests and the processing is proportionate and reasonable to achieve them and does not override your interests, fundamental rights or freedoms. This includes the interests described above, as well direct marketing, fraud prevention, ensuring information and network security and other purposes which are evident from this privacy policy.
  • In certain circumstances described below (in the section headed Additional Ways Your PII may be Used and Shared and with Whom) , exceptionally, we may need to process to comply with a legal obligation in the EU to which we are subject.
  • Consent - in certain specific situations, we may process your data with your specific freely given consent. When doing so, we will inform you of the purpose of the processing and you can withdraw consent at any time.
B. Why, When and What Usage Data is Collected

In addition to the information that users of the Website provide voluntarily, GRC may automatically collect certain information when you visit or use our Website. This information may include your IP address (or other unique device identifier, including one that we may assign); certain details about your browser, operating system, and hardware; your location, if available; the URL that referred you to the Website; your activities on the Website, including your preferences; and other logging information, such as the date and time of your visit. We may use a variety of tracking technologies to automatically collect information, such as cookies, web beacons, embedded scripts, browser fingerprinting, GPS, iBeacons, and ETags (or “entity tags”).

i. Cookies

“Cookie” technology helps GRC to simplify visitors' interactions with the Website. A cookie is a very small amount of information that is placed on your computer's hard drive by your browser on GRC's behalf. It is sent by your browser back to GRC when your return to the Website.

You may always choose not to receive a cookie by enabling your web browser to refuse cookies or to prompt you before your browser accepts a cookie. By refusing to accept a cookie, you may be asked to enter certain information each time you access certain areas of the Website. In addition, for marketing purposes, we may review specific paths that you or an aggregate of customers have traveled through the Website.

All web servers log certain technical information from visitors each time they request a page. We may aggregate such logged information anonymously to assist in designing enhanced user experiences and easier access to our information and services.

C. Third-Party Tracking and Do Not Track

Third parties may use tracking technologies in connection with our Website, which may include the collection of information about your online activities over time and across third-party websites. This Privacy Policy does not apply to these third-party technologies because we may not control them and we are not responsible for them. Do Not Track is a technology that enables users to opt out of tracking by websites they do not visit. Currently, we do not monitor or take any action with respect to Do Not Track technology.

Additional Ways Your PII May Be Used and Shared and With Whom

A. Use and Sharing Required by Law, to Prevent Harm and/or in Investigations

In addition to the uses and dissemination of PII described above, GRC may disclose your PII, the contents of your communications with us, and/or other information you have provided to us if required to do so by law, or with your consent, or in the good faith belief that such action is necessary: (1) to conform to applicable law or comply with legal process served on GRC; (2) to protect or defend the rights or property of GRC or others; (3) to assist, under exigent circumstances, in the investigation of possible violations of law or other investigations; and/or (4) to assist law enforcement in preventing harm to anyone. If you are an EU Individual, the above will only apply to legal obligations imposed on us under UK or EU law.

B. Sale of PII

GRC does not sell or rent visitors' PII to anyone. If you are an EU Individual, please be aware that we may transfer your PII to the following types of recipients:

  • Third-party service providers for the purposes of completing tasks and providing services to you on our behalf (for example to process payments and send you email confirmations).

Notice to Non-U.S. Website Users

If you are from a non-U.S. country, please be aware that the information you submit, including information provided in an online conference application, is being sent by you directly to a location operated by us in the United States for collection and further processing by us. Please note that since we are collecting the information directly from you, this does not involve our transferring your information to the United States.

If you are an EU Individual, upon request, free of charge, you have the right to:

  1. obtain confirmation as to whether we process your PII;
  2. access and obtain a copy of the PII we hold about you;
  3. obtain information about the purposes for which we process your PII and the categories of PII concerned;
  4. obtain information on the recipients or categories of recipients (including international recipients) to whom your PII has been or will be disclosed;
  5. request the correction of inaccurate PII we hold about you;
  6. request that we delete your PII, or stop processing it or collecting it, in some circumstances;
  7. transfer of your PII from us to another data controller;
  8. lodge a complaint to the supervisory authority in your jurisdiction in respect of our collection or use of your PII; and
  9. withdraw your consent to our collection, use, storage, and dissemination of your data at any time.

Please be aware that any request for withdrawal of consent under item (I) above will not affect the lawfulness of PII collected, processed, and transferred prior to the date of such withdrawal of consent.

To make any of the requests above, contact us at privacy@grc.org.

How You Can Control the Use of Your PII

You may indicate certain preferred restrictions on our use of your PII by contacting us by e-mail at privacy@grc.org. In that e-mail, you should indicate which of the following options you prefer:

  • (I understand that my PII will always be provided to other members of the conference that I attend, subject to my having opted in to this where I am an EU Individual)
  • GRC should not send me postal mail with newsletters or other information regarding upcoming conferences and events;
  • GRC should not send me electronic mail with newsletters or other information regarding upcoming conferences and events;
  • I understand that GRC may send me any information about third-party products and services, subject to my having opted in to this where I am an EU Individual).

To request access to, or notify us of changes to, PII we have collected, contact us at privacy@grc.org.

How Your PII is Protected

GRC implements reasonable technical and organizational measures designed to protect your PII from accidental loss and from unauthorized access, use, alteration or disclosure. Regardless of any such precautions taken in good faith by visitors or by us, security on the Internet is imperfect, and we cannot warrant the protection of any information visitors transmit to us, which visitors do voluntarily and at their own risk.

How Long Do We Store Your Personal Information?

If you are an EU Individual, we will delete your personal information once it is no longer proportionate for us to store it for the purposes of the processing in accordance with our applicable data record retention period. Our general record retention period is seven (7) years. This means that if you make a booking with us we will usually retain your personal information for seven (7) years from the latest of: the date on which you last attend one of our conferences, the last date on which we receive your booking or other active communication from you. Personal data of scientific or historical significance may be kept indefinitely subject to appropriate measures. This is subject to any legal or regulatory requirement to retain the information for a minimum period.

Linking to Other Web Sites

Visitors must be aware that, if at any time the Website has links to third-party websites, GRC does not control those websites and this Privacy Policy does not apply to such third-party websites. Visitors should examine the privacy statements for all third-party websites to understand their procedures for collecting, using, and disclosing visitors' information.

About Children's Privacy

The Website is intended for general audiences, and we do not knowingly seek or collect personal information from children under the age of eighteen (18). In accordance with the Child Online Privacy Protection Act, in the event that we learn that we have collected personal information from a child under age thirteen (13) without verification of parental consent, we will delete that information as quickly as possible. If you believe that we might have any personal information from or about a child, please contact us at grc@grc.org

Changes to this Privacy Policy

GRC reserves the right to modify or amend this Privacy Policy at any time and for any reason. If we make any significant changes to our information privacy practices, GRC will post notice of the change on our homepage for a reasonable period of time after any such significant change is implemented.

Questions

Questions about this GRC Privacy Policy will be answered if submitted to us at privacy@grc.org.


Contact Us

MyGRC Account
Check your application status, complete your registration, update your poster, change your rooming preference, make a bus reservation, print an invitation letter, print a receipt (which includes verification that you are presenting a poster) or print an invoice by logging into your account.

GRC Venues
Everything you need to know, to plan your trip.

FAQs
Instant answers to common questions.

Tell us how we can help

Call us and leave a detailed message at: 401-783-4011

*This voicemail is only checked once daily. Due to high volume of requests during the conference season, responses may be delayed.

You have no notifications